General
-
Target
b1b661fec381628844d2e6ab3f5bf7d8d545b689500f083b3261095c55e37332
-
Size
78KB
-
Sample
220201-e3rr9agfdn
-
MD5
26c37b7faa7e4be88b62a530a05766b6
-
SHA1
b93496235b92c66e0ef16d634ca21b9e276471d9
-
SHA256
b1b661fec381628844d2e6ab3f5bf7d8d545b689500f083b3261095c55e37332
-
SHA512
98587b1c1f61a0085092560411df3288f8bd594832c9314e38de7d3c9eb8479e94c18c51670566f827973bd6f93454e6ea057eeb3a1fb8c1259b32e62f38f65e
Behavioral task
behavioral1
Sample
b1b661fec381628844d2e6ab3f5bf7d8d545b689500f083b3261095c55e37332.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
b1b661fec381628844d2e6ab3f5bf7d8d545b689500f083b3261095c55e37332.exe
Resource
win10v2004-en-20220112
Malware Config
Extracted
njrat
0.7.3
system
turk3i.ddns.net:1008
system.exe
-
reg_key
system.exe
-
splitter
123
Targets
-
-
Target
b1b661fec381628844d2e6ab3f5bf7d8d545b689500f083b3261095c55e37332
-
Size
78KB
-
MD5
26c37b7faa7e4be88b62a530a05766b6
-
SHA1
b93496235b92c66e0ef16d634ca21b9e276471d9
-
SHA256
b1b661fec381628844d2e6ab3f5bf7d8d545b689500f083b3261095c55e37332
-
SHA512
98587b1c1f61a0085092560411df3288f8bd594832c9314e38de7d3c9eb8479e94c18c51670566f827973bd6f93454e6ea057eeb3a1fb8c1259b32e62f38f65e
Score10/10-
Executes dropped EXE
-
Sets service image path in registry
-
Drops startup file
-
Loads dropped DLL
-
Adds Run key to start application
-